npf and ephemeral interfaces (tun0)

To: "tech-net%NetBSD.org@localhost" <tech-net%netbsd.org@localhost>
Subject: npf and ephemeral interfaces (tun0)
From: David Brownlee <abs%absd.org@localhost>
Date: Wed, 17 Feb 2016 15:26:55 +0000

I have a server which needs to run an npf map rule on its OpenVPN
interface (tun0).

I can create the rule fine, but when the system restarts tnpf rejects
the rulset because there is no tun0 interface. Am I missing something?
Is there a way around this?

I have a couple of other systems still using pf to avoid this kind of issue :/

Relevant rule lines:

$vpn_if = inet4(tun0)
map $vpn_if dynamic $foohost      port 22 <- $foohost port 24

Thanks

Follow-Ups:
- Re: npf and ephemeral interfaces (tun0)
  - From: Christos Zoulas
- Re: npf and ephemeral interfaces (tun0)
  - From: Tobias Nygren

Prev by Date: Re: passive references
Next by Date: Re: npf and ephemeral interfaces (tun0)
Previous by Thread: sctp & ipv4-mapped ipv6 fix
Next by Thread: Re: npf and ephemeral interfaces (tun0)
Indexes:

Home | Main Index | Thread Index | Old Index